On 04/06/10 17:33, Tom Lane wrote:
> Heikki Linnakangas<heikki.linnakangas@enterprisedb.com> writes:
>> On 04/06/10 07:57, Tom Lane wrote:
>>> The proposal some time back in this thread was to trust all built-in
>>> functions and no others.
>
>> I thought I debunked that idea already
>> (http://archives.postgresql.org/pgsql-hackers/2009-10/msg01428.php). Not
>> all built-in functions are safe. Consider casting integer to text, for
>> example.
(I meant "text to integer", of course)
> Maybe the entire idea is unworkable. I certainly don't find any comfort
> in your proposal in the above-referenced message to trust index
> operators; where is it written that those don't throw errors?
Let's consider b-tree operators for an index on the secure table, for
starters. Surely a b-tree index comparison operator can't throw an error
on any value that's in the table already, you would've gotten an error
trying to insert that.
Now, is it safe to expand that thinking to b-tree operators in general,
even if there's no such index on the table? I'm not sure. But indexable
operations are what we care about the most; the order of executing those
determines if you can use an index scan or not.
-- Heikki Linnakangas EnterpriseDB http://www.enterprisedb.com